Advertisement

Advertisement

Why better data laws will change the nature of business

A new set of laws governing personal data is the game-changer that all businesses need, says Sam Handfield-Jones of Octopus

ADVERTISING FEATURE

THE way personal data is used matters more than ever. Used badly, data can at the very least pose a major headache for consumers who dread unsolicited product promotions via their phone number, email or letter box. But used responsibly, data can make a huge positive impact on people’s daily lives, allowing them to interact with businesses in ways that are slicker and more relevant.

This kind of positive interaction is important, particularly for companies involved in finance, says Sam Handfield-Jones, director of Octopus Labs, the fintech arm of Octopus Group. And good experiences are key for businesses that want to attract and retain customers. They build trust, says Handfield-Jones.

Advertisement

That’s hard to do well. Consumers are understandably cautious about sharing their personal information, not least because of various high-profile data breaches and revelations about how data can be misused. “My concern is that we think of sharing our data as a bad thing,” he says.

But that looks set to change. From 25 May, a new set of laws come into force that will change the way companies use information. The ambitious goal is to make the sharing of personal data a positive experience. And with large fines threatened for companies that fail to comply, there are significant incentives to make it work.

The so-called General Data Protection Regulation (GDPR) is a Europe-wide initiative to set a new standard for data collection and management. Besides punishing those who fail to clean up their act, it will empower businesses to provide bigger and better data-driven services. “The benefit of GDPR is that it creates a unified framework across companies,” says Handfield-Jones. “As a consumer you gain some comfort about handing over your data.”

So what exactly counts as personal data and what does the GDPR say about it? The new laws cover any data that can identify individuals, such as names, addresses, bank details – but also their preferences, purchases and browsing history. Under GDPR, any organisation operating in the European Union that wishes to hold or use personal data in any way must seek and be given consent by the individual who owns that data. The process of opting in also needs to be more transparent. “You can’t just hide things in your terms and conditions,” say Handfield-Jones.

“GDPR will ensure firms deal with your data in the correct way”

Even if individuals have opted in to a data-sharing agreement with an organisation, they still have the right to be forgotten. At their request, an organisation must delete the personal data from its databases – or at least scramble the data to halt further use. Finally, organisations need to have a data protection officer responsible for enforcing the above conditions and keeping personal data secure.

Organisations that violate these regulations face huge fines. Handfield-Jones sums it up: “Companies holding information about you must look after it. If you don’t want them to have it any more, they must delete it. That’s the new standard for every company and if they screw up, they’ll be penalised.”

Octopus was set up 18 years ago to better serve customers in the financial services sector – an area that the company believes had long been neglected. “The idea was to max out on customer service and do finance in a different way,” says Handfield-Jones. Two years ago, he was hired to work on the development of innovative new financial products, powered by data so as to make them easy to use and transparent. Two of its leading products are Octopus Cash – an online tool that lets people save money across six different bank accounts with a single tap – and Octopus Choice, a novel peer-to-peer lending platform available on the App Store and Google Play.

“Companies holding information about you must look after it. If you don’t want them to have it any more, they must delete it”

An important part of the company’s business is personal data, letting Octopus build customised services. “A few years back, if you wanted a tailored service you’d have to pay for a private wealth manager,” says Handfield-Jones. “With personal data, you can take people’s preferences and tailor your service to individuals. That’s pretty powerful.”

It’s great for the product designers as well. “Data gives us real-time feedback, real usage data, and tells us how and when people are interacting with our service.”

Feedback from those interactions is shaping the design of products like Octopus Choice in new ways. A key feature of the peer-to-peer app is that lenders can see at a glance exactly where their money is being invested, via pins on a map.

This transparency extends to Octopus’s profit margin too. Octopus chips in 5 per cent of the amount lenders invest to give customers greater confidence. What’s more, the company publishes the amount it is making off each loan in an easy-to-read online list, so borrowers can see exactly what happens to their repayments. “That’s the experience everyone should have and data is a huge part of being able to do that,” says Handfield-Jones.

Trust is essential for making financial products successful. And transparency and accountability are essential for building trust. “This much transparency is scary for businesses; it’s a mindset shift. But our experience so far is that people really appreciate it. They can decide if we make too much or too little and whether to use our service.”

For Octopus, it’s about more than customers opting in and out of sharing data; it’s about how a customer emotionally engages. “Opting in then becomes part of a much bigger question about how they feel interacting with a company,” says Handfield-Jones. “Does the company make them feel good? Is the company transparent? If they were a person, would they be your friend, and would you trust them?”

The cynic might raise an eyebrow at such sentiments, but this is how small, relatively new businesses like Octopus have made their mark. The big banks might not score highly in customer service surveys, but people trust them because they have been around for so long. Newcomers need to earn that trust in more meaningful ways. And that’s where GDPR is going to make a big difference.

“Transferring your life savings isn’t something you do lightly,” says Handfield-Jones. It’s a challenge every new fintech business has to overcome. But GDPR levels the playing field. It will ensure firms deal with your data in the correct way. “It helps create trust that allows smaller companies to start providing services that people deserve and want, but may have been unsure of so far.”